Fedora 43 : libgit2 (2026-c0124f91bf)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c0124f91bf advisory. Update to version 1.9.2. Release notes: https://github.com/libgit2/libgit2/releases/tag/v1.9.2 Tenable has extracted the preceding description block directly...

WordPress ModelTheme Framework plugin <= 1.9.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin ModelTheme Framework versions = 1.9.2...

SUSE CVE-2025-66292

DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into the administrative...

CVE-2025-66292

DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into the administrative...

CVE-2019-12723

An issue was discovered in the Teclib Fields plugin through 1.9.2 for GLPI. it allows SQL Injection via containerid and oldorder parameters to ajax/reorder.php by an unauthenticated user...

CVE-2025-68475 Fedify has ReDoS Vulnerability in HTML Parsing Regex

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.6.13, 1.7.14, 1.8.15, and 1.9.2, a Regular Expression Denial of Service ReDoS vulnerability exists in Fedify's document loader. The HTML parsing regex at...

CVE-2025-68475 Fedify has ReDoS Vulnerability in HTML Parsing Regex

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.6.13, 1.7.14, 1.8.15, and 1.9.2, a Regular Expression Denial of Service ReDoS vulnerability exists in Fedify's document loader. The HTML parsing regex at...

EUVD-2025-202024

Missing Authorization vulnerability in opicron Image Cleanup image-cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Cleanup: from n/a through = 1.9.2...

CVE-2025-62737 WordPress Image Cleanup plugin <= 1.9.2 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in opicron Image Cleanup image-cleanup allows Retrieve Embedded Sensitive Data.This issue affects Image Cleanup: from n/a through = 1.9.2...

CVE-2025-62736

CVE-2025-62736 : WordPress Image Cleanup plugin (

CVE-2025-62737 WordPress Image Cleanup plugin <= 1.9.2 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in opicron Image Cleanup image-cleanup allows Retrieve Embedded Sensitive Data.This issue affects Image Cleanup: from n/a through = 1.9.2...

WordPress plugin Image Cleanup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

EUVD-2025-158260

The Save as PDF Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's restpackpdfbutton shortcode in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-8397 Save as PDF Button <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via restpackpdfbutton Shortcode

The Save as PDF Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's restpackpdfbutton shortcode in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-8397

The CVE concerns the WordPress plugin Save as PDF Button. All versions up to 1.9.2 are vulnerable to Stored Cross-Site Scripting via the restpackpdfbutton shortcode due to insufficient sanitization/escaping of user attributes. Authenticated attackers with contributor-level access (or higher) can ...

WordPress Save as PDF Button plugin <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via restpackpdfbutton Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via restpackpdfbutton Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Save as PDF Button versions = 1.9.2...

WordPress plugin Save as PDF Button 跨站脚本漏洞

The WordPress Save as PDF Button plugin is a tool that adds one-click PDF generation functionality to WordPress websites, allowing visitors to save web content e.g., articles, product pages, etc. as PDF files with the click of a button. WordPress Save as PDF Button plugin has a cross-site scripti...

CVE-2025-62968

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS.This issue affects WP Last Modified Info: from n/a through = 1.9.2...

CVE-2025-62968 WordPress WP Last Modified Info plugin <= 1.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS.This issue affects WP Last Modified Info: from n/a through = 1.9.2...

WordPress plugin WP Last Modified Info security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...